PHP / MySQL的加入按钮列 [英] PHP / MYSQL Add button to column
问题描述
ColumnOne CoumnTwo CoumnThree Coumnfour Coumnfive ColumnSix
一二三四0'按钮这里
正如你可以在上面看到,我有六列,其中5个含有某种文字,和第六栏是包含一个按钮。我的最终目标是让列6包含三个按键就这样形象的此处节目。这些按钮将允许我编辑,删除,可能另外一个功能。
现在,虽然,我只是好奇,我怎么可以用一个按钮出现在最后一栏我的code以下:
< PHP//创建变量来获取POST数据$ n = $ _ POST ['输入1'];
$电子邮件= $ _ POST ['输入2'];
$名称= $ _ POST ['输入3'];
$:公司= $ _ POST ['输入4'];
$价格= $ _ POST ['输入5'];//连接到数据库mysql_connect(localhost的用户名,密码)或死亡(错误:mysql_error());回声连接到数据库!;mysql_select_db(数据库);//将数据插入表$查询=INSERT INTO CustomerInformation(ID,邮箱,姓名,公司,价格,选项卡数,动作)VALUES(
'NULL''。$ ID。''。$电子邮件,,$名称''。$的公司。''。$的价格'。表单输入类型=按钮(这样的事!));//以上是我最好的尝试。我敢肯定,这是无处接近(对不起!)。的mysql_query($查询)或死亡(错误更新数据库');回声数据库更新成功!;?>
更改code到这个,以确保安全和功能:
< PHP
//连接到数据库mysql_connect(localhost的用户名,密码)
或死亡(错误:mysql_error());回声连接到数据库!;mysql_select_db(数据库);//将数据插入表$电子邮件= mysql_real_escape_string($ _ POST ['输入2']);
$名称= mysql_real_escape_string($ _ POST ['输入3']);
$:公司= mysql_real_escape_string($ _ POST ['输入4']);
$价格= mysql_real_escape_string($ _ POST ['输入5']);$行动= mysql_real_escape_string('插入PHP code的按钮在这里');$查询=INSERT INTO CustomerInformation
(电子邮件,姓名,公司,价格,选项卡数,动作)
VALUES
($电子邮件,$名称,$公司,$价格,$行动);
的mysql_query($查询)或死亡(错误更新数据库');回声数据库更新成功!;?>
请注意,您不需要插入 ID 到表中。如果你有一个自动递增字段 ID 比MySQL将自动创建一个id为你。结果 mysql_real_escape_string()逃跑值为您服务。始终环绕你的 $ VAR 与 单引号或 mysql_real_escape_string()将不可以的工作!
而且从来没有使用它的列/表或数据库的名称,只为值。
请参阅:这些问题的详细信息:
SQL注入一般: XKCD SQL注入 - 请解释结果
使用动态表名时防止SQL注入:为什么会变成这样可怜PHP code?
ColumnOne CoumnTwo CoumnThree Coumnfour Coumnfive ColumnSix one two three four 0 'Button Here'
As you can see above, I have six columns, five of which contain some sort of text, and the sixth column is to contain a button. My end goal is to have column six contain three buttons just like this image HERE shows. These buttons will allow me to edit, delete, and possibly one other function.
For now, though, I am just curious as to how I can make a button appear in the last column using my code below:
<?php
// Create variables to retrieve the POST data
$ID= $_POST['Input1'];
$Email= $_POST['Input2'];
$Name= $_POST['Input3'];
$Company= $_POST['Input4'];
$Price= $_POST['Input5'];
// Connect to the database
mysql_connect ("localhost","Username","Password") or die ('Error: ' . mysql_error());
echo "connected to database!";
mysql_select_db ("Database");
// Insert data into table
$query = "INSERT INTO CustomerInformation (ID, Email,Name,Company,Price,Tab Count,Action) VALUES(
'NULL', '".$ID."', '".$Email."', '".$Name."', '".$Company."', '".$Price."', "Form input type = "button" (something like this!) )";
// Above is my best attempt... I'm sure it's nowhere close (sorry!).
mysql_query($query) or die ('Error updating database');
echo "Database updated successfully!";
?>
Change your code into this to make it secure and functional:
<?php
// Connect to the database
mysql_connect ("localhost","Username","Password")
or die ('Error: ' . mysql_error());
echo "connected to database!";
mysql_select_db ("Database");
// Insert data into table
$Email= mysql_real_escape_string($_POST['Input2']);
$Name= mysql_real_escape_string($_POST['Input3']);
$Company= mysql_real_escape_string($_POST['Input4']);
$Price= mysql_real_escape_string($_POST['Input5']);
$action = mysql_real_escape_string('insert php code for button here');
$query = "INSERT INTO CustomerInformation
(Email,Name,Company,Price,Tab Count,Action)
VALUES
('$Email', '$Name', '$Company', '$Price', '$action') ";
mysql_query($query) or die ('Error updating database');
echo "Database updated successfully!";
?>
Note that you don't need to insert an id into the table. If you have an autoincrement field id than MySQL will autocreate an id for you.
mysql_real_escape_string() escapes values for you. Always surround your $var in the query with ' single quotes or mysql_real_escape_string() will not work!
And never use it for column/table or database names, only for values.
See: these questions for more info:
SQL injection in general: XKCD SQL injection - please explain
protecting against SQL injection when using dynamic table names: Why would this be poor php code?
这篇关于PHP / MySQL的加入按钮列的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
